<?php

require_once('nusoap/nusoap.php');

$server = new soap_server();
$server->configureWSDL('rorganizer', 'urn:rorganizer');
$server->wsdl->schemaTargetNamespace = 'urn:rorganizer';
$server->wsdl->addComplexType('LookupInfo', 'complexType', 'struct', 'all', '', array('Timestamp' => array('name' => 'Timestamp', 'type' => 'xsd:dateTime'), 'Hash' => array('name' => 'Hash', 'type' => 'xsd:string')));
$server->wsdl->addComplexType('LookupResult', 'complexType', 'struct', 'all', '', array('Link' => array('name' => 'Link', 'type' => 'xsd:string'), 'Timestamp' => array('name' => 'Timestamp', 'type' => 'xsd:dateTime')));
$server->wsdl->addComplexType('CommitInfo', 'complexType', 'struct', 'all', '', array('Hash' => array('name' => 'Hash', type => 'xsd:string'), 'Link' => array('name' => 'Link', 'type' => 'xsd:string')));
$server->wsdl->addComplexType('CommitResult', 'complexType', 'struct', 'all', '', array('Success' => array('name' => 'Succes', 'type' => 'xsd:boolean')));
$server->wsdl->addComplexType('ProposalInfo', 'complexType', 'struct', 'all', '', array('User' => array('name' => 'User', type => 'xsd:string'), 'Hash' => array('name' => 'Hash', type => 'xsd:string'), 'Link' => array('name' => 'Link', type => 'xsd:string'), 'Added' => array('Name' => 'Added', 'type' => 'xsd:dateTime')));
$server->wsdl->addComplexType('ProposalInfos', 'complexType', 'array', '', 'SOAP-ENC:Array', array(), array(array('ref' => 'SOAP-ENC:arrayType', 'wsdl:arrayType' => 'tns:ProposalInfo[]')), 'tns:ProposalInfo');
$server->register('Lookup', array('info' => 'tns:LookupInfo'), array('return' => 'tns:LookupResult'));
$server->register('Commit', array('username' => 'xsd:string', 'password' => 'xsd:string', 'data' => 'tns:CommitInfo'), array('return' => 'tns:CommitResult'));
$server->register('CreateUser', array('username' => 'xsd:string', 'password' => 'xsd:string', 'challenge' => 'xsd:string', 'code' => 'xsd:string'), array('return' => 'xsd:boolean'));
$server->register('GetProposals', array('username' => 'xsd:string', 'password' => 'xsd:string'), array('return' => 'tns:ProposalInfos'));
$server->register('AcceptProposal', array('username' => 'xsd:string', 'password' => 'xsd:string', 'proposal' => 'tns:ProposalInfo'), array('return' => 'xsd:boolean'));

function Lookup($info)
{
  require_once('settings.php');

  $link = mysql_connect($db_server, $db_user, $db_password) or die(mysql_error());
  $select = mysql_select_db($db_database, $link) or die(mysql_error());
  $hash = mysql_real_escape_string($info['Hash'], $link) or die(mysql_error());
  $timestamp = date('Y-d-m', $info['Timestamp']);
  $query = sprintf("select value, UNIX_TIMESTAMP(timestamp) as timestamp from imdbs where hash='%s' and timestamp > '%s'", $hash, $timestamp);
  $result = mysql_query($query, $link) or die(mysql_error());
  $info = null;

  while ($row = mysql_fetch_assoc($result))
  {
    $info = array(
      'Link' => $row['value'],
      'Timestamp' => gmDate("Y-m-d\TH:i:s\Z", $row['timestamp']));
  }

  mysql_close($link);
	return $info;
}

function Commit($username, $password, $data)
{
  require_once('settings.php');

  $link = mysql_connect($db_server, $db_user, $db_password) or die(mysql_error());
  $select = mysql_select_db($db_database, $link) or die(mysql_error());
  $hash = mysql_real_escape_string($data['Hash'], $link) or die(mysql_error());
  $imdb = mysql_real_escape_string($data['Link'], $link) or die(mysql_error());
  $user = mysql_real_escape_string($username, $link) or die(mysql_error());
  $pass = mysql_real_escape_string($password, $link) or die(mysql_error());
  $delete = sprintf("delete from proposals where proposals.hash = '%s' and proposals.user_id in (select users.id from users where users.login = '%s')", $hash, $user);
  $query = sprintf("insert into proposals(user_id, hash, value, timestamp) select users.id, '%s', '%s', now() from users where login = '%s' and password = '%s'", $hash, $imdb, $user, md5($pass));
  $result = mysql_query($delete, $link) or die(mysql_error());
  $result = mysql_query($query, $link) or die(mysql_error());
  $ret = array('Success' => mysql_affected_rows($link) == 1);
  
  mysql_close($link);
  return $ret;
}

function CreateUser($username, $password, $challenge, $code)
{
  require_once('settings.php');
  require_once('recaptcha/recaptchalib.php');
  
  $response = recaptcha_check_answer($recaptcha_private_key, $_SERVER["REMOTE_ADDR"], $challenge, $code);
  if (!$response->is_valid)
    return false;
    
  $link = mysql_connect($db_server, $db_user, $db_password) or die(mysql_error());
  $select = mysql_select_db($db_database, $link) or die(mysql_error());
  $username = mysql_real_escape_string($username, $link) or die(mysql_error());
  $password = mysql_real_escape_string($password, $link) or die(mysql_error());
  $query = sprintf("insert into users(id, login, password, timestamp, rights) select max(users.id) + 1, '%s', '%s', now(), 0 from users", $username, md5($password));
  mysql_query($query, $link) or 'Query ' . die(mysql_error());
  $ret = mysql_affected_rows($link) == 1;

  mysql_close($link);
  return $ret;
}

function GetProposals($username, $password)
{
  require_once('settings.php');

  $link = mysql_connect($db_server, $db_user, $db_password) or die(mysql_error());
  $select = mysql_select_db($db_database, $link) or die(mysql_error());
  $user = mysql_real_escape_string($username, $link) or die(mysql_error());
  $pass = mysql_real_escape_string($password, $link) or die(mysql_error());
  $rights = sprintf("select 1 from users where login = '%s' and password = '%s' and rights = 1", $user, md5($pass));
  $query = sprintf("select users.login, proposals.hash, proposals.value, UNIX_TIMESTAMP(proposals.timestamp) as timestamp from proposals join users on proposals.user_id = users.id");
  $ret = array();

  mysql_query($rights, $link);
  if (mysql_affected_rows($link) == 1)
  {
    $result = mysql_query($query, $link) or die(mysql_error());

    while ($row = mysql_fetch_assoc($result))
    {
      $ret[] = array(
        'User' => $row['login'],
        'Hash' => $row['hash'],
        'Link' => $row['value'],
        'Added' =>gmDate("Y-m-d\TH:i:s\Z", $row['timestamp']));
    }
  }
  
  mysql_close($link);
  return $ret;
}

function AcceptProposal($username, $password, $proposal)
{
  require_once('settings.php');

  $link = mysql_connect($db_server, $db_user, $db_password) or die(mysql_error());
  $select = mysql_select_db($db_database, $link) or die(mysql_error());
  $user = mysql_real_escape_string($username, $link) or die(mysql_error());
  $pass = mysql_real_escape_string($password, $link) or die(mysql_error());
  $hash = mysql_real_escape_string($proposal['Hash'], $link) or die(mysql_error());
  $value = mysql_real_escape_string($proposal['Link'], $link) or die(mysql_error());
  $login = mysql_real_escape_string($proposal['User'], $link) or die(mysql_error());
  $rights = sprintf("select 1 from users where login = '%s' and password = '%s' and rights = 1", $user, md5($pass));
  $query = sprintf("insert into imdbs(hash, value, timestamp, user_id) select proposals.hash, proposals.value, now(), users.id from proposals join users on proposals.user_id = users.id where proposals.hash = '%s' and proposals.value = '%s' and users.login = '%s'", $hash, $value, $login);
  $clean = sprintf("delete from proposals where proposals.hash = '%s' and proposals.value = '%s'", $hash, $value);

  mysql_query($rights, $link) or die('Rights: ' . mysql_error());
  $ret = mysql_affected_rows($link) == 1;
  
  if ($ret)
  {
    mysql_query($query, $link) or die('Query: ' . mysql_error());
    $ret = mysql_affected_rows($link) == 1;
  }
  
  if ($ret)
  {
    mysql_query($clean, $link) or die('Clean: ' . mysql_error());
    $ret = mysql_affected_rows($link) == 1;
  }
  
  mysql_close($link);
  return $ret;  
}

$HTTP_RAW_POST_DATA = isset($HTTP_RAW_POST_DATA) ? $HTTP_RAW_POST_DATA : '';
$server->service($HTTP_RAW_POST_DATA);

?>